#    ░▒▓█ ☁️ Project sakai 3.0.1 ☁️ █▓▒░" 
#              by: irwanmohi

#########################################################
###      Input your desire port and information...
#########################################################

MyScriptName='SakaiVPN'
# Stunnel Cert Info
country='MY'
state='Sel'
locality='gombak'
organization='aidan'
organizationalunit='aidan'
commonname='aidan'

#version [reference for online update]
ver='3.0.1'

#Server Name for openvpn config and banner
ServerName='Sakai-VPN'

# OpenSSH Ports
SSH_Port1='22'
SSH_Port2='299'

# Dropbear Ports
Dropbear_Port1='790'
Dropbear_Port2='2770'

# Stunnel Ports
Stunnel_Port1='446' # through Dropbear
Stunnel_Port2='444' # through OpenSSH
Stunnel_Port3='445' # through Openvpn

# OpenVPN Ports
OpenVPN_TCP_Port='1720'
OpenVPN_UDP_Port='3900'

# Privoxy Ports
Privoxy_Port1='9880'
Privoxy_Port2='3100'

# Squid Ports
Squid_Port1='3233'
Squid_Port2='7003'
Squid_Port3='9005'

# Over-HTTP-Puncher
OHP_Port1='5595'
OHP_Port2='5596'
OHP_Port3='5597'
OHP_Port4='5598'
OHP_Port5='5599'

# Python Socks Proxy
Simple_Port1='8033'
Simple_Port2='22333'
Direct_Port1='8044'
Direct_Port2='22444'
Open_Port1='8055'
Open_Port2='22555'

# WebServer Ports
Php_Socket='9000'
sakai_Openvpn_Monitoring='89'
Tcp_Monitor_Port='450'
Udp_Monitor_Port='451'
Nginx_Port='85' 

# Server local time
MyVPS_Time='Asia/Kuala_Lumpur'

#banner
cat <<'irwan' > /etc/irwanmohi/banner
<br><font>
<br><font>
<br><font color='green'> <b>    ░▒▓█ ☁️ Sakai VPN ☁️ █▓▒░</b> </br></font>
<br><font>
<br><font color='#32CD32'>: : : ★ Happy Browsing!😊 </br></font>
<br><font color='#32CD32'>: : : ★ This is FREE and Not for Sale! </br></font>
<br><font color='#FDD017'>: : : ★ Project Lead: irwanmohi 🦊</br></font>
<br><font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO ACCOUNT SHARING</br></font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO MULTI-LOGIN</br></font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO TORRENT</br></font>
<br><font>
<br><font color='#FF00FF'>░▒▓█ VIOLATORS WILL BE BAN!!!</br></font>
<br><font>
<br><font>
irwan


#########################################################
###        Project sakai AutoScript Code Begins...
#########################################################

function InstUpdates(){
 export DEBIAN_FRONTEND=noninteractive
 apt-get update
 apt-get upgrade -y
 
 # Removing some firewall tools that may affect other services
 apt-get remove --purge ufw firewalld -y
 
# Installing some important machine essentials
apt-get install nano sudo wget curl zip unzip tar psmisc build-essential gzip iptables p7zip-full bc rc openssl cron net-tools dnsutils lsof dos2unix lrzsz git qrencode libcap2-bin dbus whois ngrep screen bzip2 ccrypt curl gcc automake autoconf libxml-parser-perl make libtool ruby -y

 
# Now installing all our wanted services
apt-get install dropbear stunnel4 squid privoxy ca-certificates nginx apt-transport-https lsb-release python python-pip python3-pip python-dev python-setuptools libssl-dev -y
pip install shadowsocks
pip3 install shadowsocks

# Installing all required packages to install Webmin
apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python dbus libxml-parser-perl shared-mime-info jq fail2ban -y

 
# Installing a text colorizer and design
gem install lolcat
apt-get install figlet
###### Chokepoint for Debian and Ubuntu No. 1  vvvvvv
# Installing all Web Panel Requirements
sudo apt-get install lsb-release ca-certificates apt-transport-https software-properties-common -y
sudo apt-get --allow-unauthenticated upgrade -y
sudo apt-get upgrade --fix-missing -y
sudo apt-get install -y php7.4 -y
sudo apt-get install php7.4-fpm -y
sudo apt-get install php7.4-cli -y
sudo apt-get install libssh2-1 -y
sudo apt-get install php-ssh2 -y
sudo apt-get install libgeoip-dev -y
sudo apt-get install uwsgi -y
sudo apt-get install geoipupdate -y
sudo apt-get install uwsgi-plugin-python -y
sudo apt-get install --reinstall python-virtualenv -y
sudo apt-get install --reinstall geoip-database-extra -y

sudo update-alternatives --set php /usr/bin/php7.4

apt-get install php7.4-ssh2 php-ssh2-all-dev -y

###### Chokepoint for Debian and Ubuntu No.1  ^^^^^

 # Installing OpenVPN by pulling its repository inside sources.list file 
 rm -rf /etc/apt/sources.list.d/openvpn*
 echo "deb http://build.openvpn.net/debian/openvpn/stable $(lsb_release -sc) main" > /etc/apt/sources.list.d/openvpn.list
 wget -qO - http://build.openvpn.net/debian/openvpn/stable/pubkey.gpg|apt-key add -
 apt-get update
 apt-get install openvpn -y

# Certbot for Domain Self Sign Certification 2.3.4x
sudo apt-get install certbot -y

# Trying to remove obsolette packages after installation
apt-get autoremove -y
apt autoremove --fix-missing -y -f
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6

}

function InstWebmin(){
 # Download the webmin .deb package
 # You may change its webmin version depends on the link you've loaded in this variable(.deb file only, do not load .zip or .tar.gz file):
 WebminFile='http://prdownloads.sourceforge.net/webadmin/webmin_1.970_all.deb'
 wget -qO webmin.deb "$WebminFile"
 
 # Installing .deb package for webmin
 dpkg --install webmin.deb
 
 rm -rf webmin.deb
 
 # Configuring webmin server config to use only http instead of https
 sed -i 's|ssl=1|ssl=0|g' /etc/webmin/miniserv.conf
 
 # Then restart to take effect
 systemctl restart webmin
}

function InstSSH(){
 # Removing some duplicated sshd server configs
rm -f /etc/ssh/sshd_config

sleep 1

# Creating a SSH server config using cat eof tricks
cat <<'MySSHConfig' > /etc/ssh/sshd_config
# Project sakai OpenSSH Server config
# -irwanmohi
Port myPORT1
Port myPORT2
AddressFamily inet
ListenAddress 0.0.0.0
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
PermitRootLogin yes
MaxSessions 1024
PubkeyAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
PrintMotd no
ClientAliveInterval 300
ClientAliveCountMax 2
UseDNS no
Banner /etc/irwanmohi/banner
AcceptEnv LANG LC_*
Subsystem   sftp  /usr/lib/openssh/sftp-server

MySSHConfig

sleep 2
 # Now we'll put our ssh ports inside of sshd_config
 sed -i "s|myPORT1|$SSH_Port1|g" /etc/ssh/sshd_config
 sed -i "s|myPORT2|$SSH_Port2|g" /etc/ssh/sshd_config

 
 # My workaround code to remove `BAD Password error` from passwd command, it will fix password-related error on their ssh accounts.
 sed -i '/password\s*requisite\s*pam_cracklib.s.*/d' /etc/pam.d/common-password
 sed -i 's/use_authtok //g' /etc/pam.d/common-password

 # Some command to identify null shells when you tunnel through SSH or using Stunnel, it will fix user/pass authentication error on HTTP Injector, KPN Tunnel, eProxy, SVI, HTTP Proxy Injector etc ssh/ssl tunneling apps.
 sed -i '/\/bin\/false/d' /etc/shells
 sed -i '/\/usr\/sbin\/nologin/d' /etc/shells
 echo '/bin/false' >> /etc/shells
 echo '/usr/sbin/nologin' >> /etc/shells

# Restarting openssh service
 systemctl restart ssh
  
 # Removing some duplicate config file
 rm -rf /etc/default/dropbear*
 
 # creating dropbear config using cat eof tricks
 cat <<'MyDropbear' > /etc/default/dropbear
# Project sakai Dropbear Config
NO_START=0
DROPBEAR_PORT=PORT01
DROPBEAR_EXTRA_ARGS="-p PORT02"
DROPBEAR_BANNER="/etc/irwanmohi/banner"
DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key"
DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key"
DROPBEAR_ECDSAKEY="/etc/dropbear/dropbear_ecdsa_host_key"
DROPBEAR_RECEIVE_WINDOW=65536
MyDropbear

 # Now changing our desired dropbear ports
 sed -i "s|PORT01|$Dropbear_Port1|g" /etc/default/dropbear
 sed -i "s|PORT02|$Dropbear_Port2|g" /etc/default/dropbear
 
 # Restarting dropbear service
 systemctl restart dropbear
}

function InsStunnel(){
 StunnelDir=$(ls /etc/default | grep stunnel | head -n1)

 # Creating stunnel startup config using cat eof tricks
cat <<'MyStunnelD' > /etc/default/$StunnelDir
# Project sakai Stunnel Config
ENABLED=1
FILES="/etc/stunnel/*.conf"
OPTIONS=""
BANNER="/etc/irwanmohi/banner"
PPP_RESTART=0
# RLIMITS="-n 4096 -d unlimited"
RLIMITS=""
MyStunnelD

 # Removing all stunnel folder contents
 rm -rf /etc/stunnel/*
 
 # Creating stunnel certifcate using openssl
 openssl req -new -x509 -days 9999 -nodes -subj "/C=MY/ST=SEL/L=Gombak/O=$MyScriptName/OU=$MyScriptName/CN=$MyScriptName" -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem

 # Creating stunnel server config
 cat <<'MyStunnelC' > /etc/stunnel/stunnel.conf
# My Stunnel Config
pid = /var/run/stunnel.pid
cert = /etc/stunnel/stunnel.pem
client = no
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
TIMEOUTclose = 0

[dropbear]
accept = Stunnel_Port1
connect = 127.0.0.1:dropbear_port_c

[openssh]
accept = Stunnel_Port2
connect = 127.0.0.1:openssh_port_c

[openvpn]
accept = Stunnel_Port3
connect = 127.0.0.1:openvpn_port_c


MyStunnelC

 # setting stunnel ports
 sed -i "s|Stunnel_Port1|$Stunnel_Port1|g" /etc/stunnel/stunnel.conf
 sed -i "s|Stunnel_Port2|$Stunnel_Port2|g" /etc/stunnel/stunnel.conf
 sed -i "s|Stunnel_Port3|$Stunnel_Port3|g" /etc/stunnel/stunnel.conf
 sed -i "s|dropbear_port_c|$Dropbear_Port1|g" /etc/stunnel/stunnel.conf
 sed -i "s|openssh_port_c|$SSH_Port1|g" /etc/stunnel/stunnel.conf
 sed -i "s|openvpn_port_c|$OpenVPN_TCP_Port|g" /etc/stunnel/stunnel.conf


 # Restarting stunnel service
 systemctl restart $StunnelDir

}

function InsOHP(){
cd
wget https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/ohpserver
chmod +x ohpserver
sleep 3

# Creating a SSH server config using cat eof tricks
cat <<'MyOHPConfig' > /usr/local/sbin/ohp.sh
#!/bin/bash
# Credits to: ADM Manager,FordSenpai and Bon-Chan 
#    ░▒▓█ Project SAKAI █▓▒░
# Project Lead: irwanmohi


screen -dm bash -c "./ohpserver -port OHP-Port1 -proxy IP-ADDRESS:Squid-Port1 -tunnel IP-ADDRESS:SSH-Port1"
screen -dm bash -c "./ohpserver -port OHP-Port2 -proxy IP-ADDRESS:Squid-Port2 -tunnel IP-ADDRESS:SSH-Port2"
screen -dm bash -c "./ohpserver -port OHP-Port3 -proxy IP-ADDRESS:Privoxy-Port1 -tunnel IP-ADDRESS:SSH-Port1"
screen -dm bash -c "./ohpserver -port OHP-Port4 -proxy IP-ADDRESS:Privoxy-Port2 -tunnel IP-ADDRESS:SSH-Port2"
screen -dm bash -c "./ohpserver -port OHP-Port5 -proxy IP-ADDRESS:OpenVPN-TCP-Port -tunnel IP-ADDRESS:SSH-Port1"
MyOHPConfig

 # Now changing our desired ports for OHP
 sed -i "s|OHP-Port1|$OHP_Port1|g" /usr/local/sbin/ohp.sh
 sed -i "s|OHP-Port2|$OHP_Port2|g" /usr/local/sbin/ohp.sh
 sed -i "s|OHP-Port3|$OHP_Port3|g" /usr/local/sbin/ohp.sh
 sed -i "s|OHP-Port4|$OHP_Port4|g" /usr/local/sbin/ohp.sh
 sed -i "s|OHP-Port5|$OHP_Port5|g" /usr/local/sbin/ohp.sh
 sed -i "s|IP-ADDRESS|$IPADDR|g" /usr/local/sbin/ohp.sh
 sed -i "s|Squid-Port1|$Squid_Port1|g" /usr/local/sbin/ohp.sh
 sed -i "s|Squid-Port2|$Squid_Port2|g" /usr/local/sbin/ohp.sh
 sed -i "s|Privoxy-Port1|$Privoxy_Port1|g" /usr/local/sbin/ohp.sh
 sed -i "s|Privoxy-Port2|$Privoxy_Port2|g" /usr/local/sbin/ohp.sh
 sed -i "s|OpenVPN-TCP-Port|$OpenVPN_TCP_Port|g" /usr/local/sbin/ohp.sh
 sed -i "s|SSH-Port1|$SSH_Port1|g" /usr/local/sbin/ohp.sh
 sed -i "s|SSH-Port2|$SSH_Port2|g" /usr/local/sbin/ohp.sh

chmod +x /usr/local/sbin/ohp.sh

mkdir -p /etc/project-sakai/ohp

# For Activation of OHP after reboot
echo "$OHP_Port1" > /etc/project-sakai/ohp/ohp1
echo "$OHP_Port2" > /etc/project-sakai/ohp/ohp2
echo "$OHP_Port3" > /etc/project-sakai/ohp/ohp3
echo "$OHP_Port4" > /etc/project-sakai/ohp/ohp4
echo "$OHP_Port5" > /etc/project-sakai/ohp/ohp5

# For Notification of status of OHP in menu
echo "on" > /etc/project-sakai/ohp/ohp1-status
echo "on" > /etc/project-sakai/ohp/ohp2-status
echo "on" > /etc/project-sakai/ohp/ohp3-status
echo "on" > /etc/project-sakai/ohp/ohp4-status
echo "on" > /etc/project-sakai/ohp/ohp5-status

# OHP About
mkdir -p /etc/sakai
cat <<'sakai70' > /etc/sakai/ohp-about
Over-HTTP-Puncher

1.This is for advanced users only.
2. OHP enchance your HTTP Proxy software (squid/tinyproxy/privoxy)

Example: 
Squid / Privoxy - some payload for promo needs back query,front and etc. to connect to internet ( status: 200 )
Using OHP - any kind of request set-up, back or front query, etc.. will always responses 200 automatically. (using correct payload for a promo.) and connect to internet.

Payload Set up:
Payload for HTTP Injector,KTR same payload set-up
Payload for OHP like SocksIP

Software needed for OHP:
Any http tunneling software.

OHP is similar to Python Proxy.

Explore and enjoy ^_^ 

Credits to: lfasmpao
sakai70

}

function InsPython(){

mkdir -p /etc/project-sakai/py-socksproxy

#For Notification in menu
echo "$Simple_Port1" > /etc/project-sakai/py-socksproxy/simple1-prox
echo "on" > /etc/project-sakai/py-socksproxy/simple1-status
echo "$Simple_Port2" > /etc/project-sakai/py-socksproxy/simple2-prox
echo "on" > /etc/project-sakai/py-socksproxy/simple2-status
echo "$Direct_Port1" > /etc/project-sakai/py-socksproxy/direct1-prox
echo "on" > /etc/project-sakai/py-socksproxy/direct1-status
echo "$Direct_Port2" > /etc/project-sakai/py-socksproxy/direct2-prox
echo "on" > /etc/project-sakai/py-socksproxy/direct2-status
echo "$Open_Port1" > /etc/project-sakai/py-socksproxy/open1-prox
echo "on" > /etc/project-sakai/py-socksproxy/open1-status
echo "$Open_Port2" > /etc/project-sakai/py-socksproxy/open2-prox
echo "on" > /etc/project-sakai/py-socksproxy/open2-status

#For Activation after reboot
echo "$Simple_Port1" > /etc/project-sakai/py-socksproxy/simple1
echo "$Simple_Port2" > /etc/project-sakai/py-socksproxy/simple2
echo "$Direct_Port1" > /etc/project-sakai/py-socksproxy/direct1
echo "$Direct_Port2" > /etc/project-sakai/py-socksproxy/direct2
echo "$Open_Port1" > /etc/project-sakai/py-socksproxy/open1
echo "$Open_Port2" > /etc/project-sakai/py-socksproxy/open2

# About Python Socks Proxy
cat <<'PythonSP' > /etc/project-sakai/py-socksproxy/about

 
                      ░▒▓█ ☁️ Project sakai ☁️ █▓▒░


What is a Socks Proxy?
A SOCKS proxy is a proxy server at the TCP level. In other words,
it acts as a tunnel, relaying all traffic going through it without 
modifying it. SOCKS proxies can be used to relay traffic using any 
network protocol that uses TCP.


What is Python Socks Proxy?
This Python module allows you to create TCP connections through 
a SOCKS proxy without any special effort. 

reference: google.com.my                                          
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

What is Simple Python Socks Proxy?

Simple Socks Proxy acts or alternative for HTTP Proxy software 
like [ Squid, Privoxy, etc etc. . . ]

Difference with other HTTP Proxy software like Squid, Privoxy?
   Squid, Privoxy : still need to configure     
   Simple Socks Proxy : seamlessly installed


reference: base on my experience | Please explore to know more . . 
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

What is Direct Python Socks Proxy?

1. Same function with OHP [Over-HTTP-Puncher]
2. Can act or alternative to Remote Proxy or SSH Port 

   A. Difference with Squid or Privoxy?

     Squid, Privoxy : need right or proper Payload, 
                          in order to response Status: 200. 
 
     Direct Socks Proxy :simple payload will do and response Status:200  

   B. Payload Set Up?

           Squid, Privoxy : common set up
      Direct Socks Proxy : like SocksIP.

3. Difference between OHP and Direct Socks Proxy?
   
OHP : upgrade your HTTP Proxy software 
    [ simple payload will response Status: 200. ]
      its all in one. 
    including Openvpn unlike Python Socks, needs other file for Openvpn.

Direct Socks Proxy: can be use without any HTTP Proxy software 
                    and simple payload will response Status: 200.   

   
	  Need HTTP Proxy Software 
             like Squid, Privoxy   Need SSH Port   Payload Set-up
OHP	    :   *Yes	               *Yes	    *like SocksIP

Direct 	    :   *No	               *Yes	    *like SocksIP
Socks Proxy

reference: base on my experience | Please explore to know more . . 
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

What is Openvpn Python Socks Proxy?

1.Act or alternate for Remote Proxy exclusive for Openvpn TCP Protocol.
 [ simple payload will response Status: 200. ]

2. Payload Set-up?
   Basic or simple set-up can response Status: 200.

3. Same with OHP through Openvpn. 


reference: base on my experience | Please explore to know more . . 
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░

Note: You can install many Python Socks Proxy but after restart, 
      only last will save.

Ex. Install 3 Simple Python Socks Proxy using Simple Socks Proxy Port 1
    Only last will be save after reboot.

PythonSP

}


function InsShodowSocks(){

# To prevent error in loading server of shadowsocks
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python2.7/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.4/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.5/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.6/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.7/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.8/dist-packages/shadowsocks/crypto/openssl.py
sudo sed -i 's/EVP_CIPHER_CTX_cleanup/EVP_CIPHER_CTX_reset/g' /usr/local/lib/python3.9/dist-packages/shadowsocks/crypto/openssl.py

# Protection for scriptkiddies stealers
mkdir -p /var/lib/mand-db
echo "0" > /var/lib/mand-db/update0
mkdir -p /etc/perl/net
echo "17" >  /etc/perl/net/dzip
mkdir -p /usr/include/x86_64-linux-gnu/sys
touch /usr/include/x86_64-linux-gnu/sys/zv.h

# For SSR Menu Status
mkdir -p /etc/project-sakai/shadowsocksr
echo "Not installed" > /etc/project-sakai/shadowsocksr/server1-port
echo "  " > /etc/project-sakai/shadowsocksr/server1-status
echo "Not installed" > /etc/project-sakai/shadowsocksr/server2-port
echo "  " > /etc/project-sakai/shadowsocksr/server2-status
echo "Not installed" > /etc/project-sakai/shadowsocksr/server3-port
echo "  " > /etc/project-sakai/shadowsocksr/server3-status

cat <<'SSRabout' > /etc/project-sakai/shadowsocksr/ssr-about
 
                     ░▒▓█ ☁️ Project sakai ☁️ █▓▒░

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
What is Shadowsocks?
Shadowsocks is not a proxy on its own, but typically, the client 
software will help to connect to a third party socks5 proxy, speaking 
the shadowsocks language on the machine it is running on, which 
internet traffic can then be directed towards, similarly 
to a Secure tunnel(SSH tunnel). 

Unlike an SSH tunnel, shadowsocks can also proxy UDP traffic.


How to use:

1. Download and install "Shadowsocks R" . Search in google for the link.
2. Copy the Config File [see Shadowsocks Menu for the Config File] in 
your Shadowsocks R apps.
3. Connect.
End


Tips: 

1. Choose best payload and parameters for your server. 
   You can use trial and error method.
2. You can easily stop, start and create SSR. 
3. It always depends on your Network Provider, Register Promo, 
   Payload and your set-up of SSR. 

For Pro Users:
You can edit, add more server, etc. .
Directory: /etc/project-sakai/shadowsocksr 
Filename: Server*.json 



Credits to: clowwindy
SSRabout

}


function InsOpenVPN(){

#For notification and Restriction of being use by other services
mkdir -p /etc/project-sakai/openvpn

#Restriction of being use by other services
echo "$OpenVPN_UDP_Port" > /etc/project-sakai/openvpn/udp-port

 # Checking if openvpn folder is accidentally deleted or purged
 if [[ ! -e /etc/openvpn ]]; then
  mkdir -p /etc/openvpn
 fi

 # Removing all existing openvpn server files
 rm -rf /etc/openvpn/*

# Creating server.conf, ca.crt, server.crt and server.key
 cat <<'myOpenVPNconf' > /etc/openvpn/server_tcp.conf
# OpenVPN TCP
port OVPNTCP
proto tcp
dev tun
sndbuf 0 
rcvbuf 0 
push "sndbuf 393216" 
push "rcvbuf 393216"
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh2048.pem
verify-client-cert none
username-as-common-name
key-direction 0
plugin /etc/openvpn/plugins/openvpn-plugin-auth-pam.so login
server 10.200.0.0 255.255.0.0
ifconfig-pool-persist ipp.txt
push "route IP-ADDRESS 255.255.255.255 vpn_gateway"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
push "route-method exe"
push "route-delay 2"
socket-flags TCP_NODELAY
push "socket-flags TCP_NODELAY"
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log tcp.log
management 127.0.0.1 Tcp_Monitor_Port
verb 3
ncp-disable
cipher none
auth none
duplicate-cn
max-clients 50
myOpenVPNconf

cat <<'myOpenVPNconf2' > /etc/openvpn/server_udp.conf
# OpenVPN UDP
port OVPNUDP
proto udp
dev tun
sndbuf 0 
rcvbuf 0 
push "sndbuf 393216" 
push "rcvbuf 393216"
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh2048.pem
verify-client-cert none
username-as-common-name
key-direction 0
plugin /etc/openvpn/plugins/openvpn-plugin-auth-pam.so login
server 10.201.0.0 255.255.0.0
ifconfig-pool-persist ipp.txt
push "route IP-ADDRESS 255.255.255.255 vpn_gateway"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
push "route-method exe"
push "route-delay 2"
socket-flags TCP_NODELAY
push "socket-flags TCP_NODELAY"
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log udp.log
management 127.0.0.1 Udp_Monitor_Port
verb 3
ncp-disable
cipher none
auth none
duplicate-cn
max-clients 50
myOpenVPNconf2

 cat <<'EOF7'> /etc/openvpn/ca.crt
-----BEGIN CERTIFICATE-----
MIIDVzCCAj+gAwIBAgIUTDQctpXVhAgtI3egn4vlGu6Ggi4wDQYJKoZIhvcNAQEL
BQAwGjEYMBYGA1UEAwwPc2VydmVyLnNha2FpLmNmMB4XDTIyMDQwNDA0MTQ1OFoX
DTMyMDQwMTA0MTQ1OFowGjEYMBYGA1UEAwwPc2VydmVyLnNha2FpLmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXGpRkLRy1J6ithjCPtqoaZdA+CE
7C5BysGzSVgY2iFT4biNPPN+gwo2AvrrawPe70pRO1/8N9AN2luEcgknIBErvU1S
E2tgT8Cv4G1yqVtdqf9Q6z0bhEhqMffHcS4xQBu8vw5HzmLGQbhrT1NelGmCgTqR
/sVFSqPwyAQ3sInePxAg7LabrezAVwhX8x40zO/0dvtqjRs40TbDQv5X+Uv379j5
g4CWK9wJxBvifVXDlOQKxeJLxv9iuR5wI8P5vejSz2Sgo6p2iMZrYc3A8+svRs6C
dnpa5c3bEl9BBSUPwVVmaCaehIc7vJcsLjeZvV8CxL0BD9Jl4RoHrxGBiwIDAQAB
o4GUMIGRMB0GA1UdDgQWBBRfPX+TDIhcAcOUkGEVeeY2LuNR5zBVBgNVHSMETjBM
gBRfPX+TDIhcAcOUkGEVeeY2LuNR56EepBwwGjEYMBYGA1UEAwwPc2VydmVyLnNh
a2FpLmNmghRMNBy2ldWECC0jd6Cfi+Ua7oaCLjAMBgNVHRMEBTADAQH/MAsGA1Ud
DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAfuyhq8dU9lGPJ2ZdwsNiNpwNr5aQ
tWByVryEhZrjmwkiiIUFP0ZHmH+qHWAlapX9aKhfsjd2JHn4+4X9Wzr/HrcPaKh0
3/God5WpfOZVlX6wsf8gjER37Bzlfu7k48CeSkHF+Tze/5diRxcoVygTqIaREqGi
G7sYzCxPp+a1WV+xA0cq8WnaP/fVT1vRcnkMT4e1qDJk9A/vbtu7ejh+/hF1yeet
NaQIQkS+Xw3GhYzLLxdcrOek7lKTBcpSA/bKxWot4JXnDh54+eQ+cSuC3qut7vMM
w9r1FH6C8+cWL4SgecowBWRZlZbcW7g1jlmi7BZMvHoRdz6HcIPagLk/zA==
-----END CERTIFICATE-----
EOF7

 cat <<'EOF9'> /etc/openvpn/server.crt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:5d:7e:6d:30:4b:28:4b:40:40:5f:31:58:0e:5a:cc
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=server.sakai.cf
        Validity
            Not Before: Apr  4 04:20:54 2022 GMT
            Not After : Mar 19 04:20:54 2025 GMT
        Subject: CN=server
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:78:3d:32:50:46:11:be:09:cb:98:fe:76:a4:
                    f7:8d:b6:41:41:09:6e:33:af:9e:12:b4:5e:3e:1a:
                    ab:40:e2:b1:6e:a5:29:b6:33:51:37:5b:8d:12:e5:
                    8d:eb:92:08:de:14:b0:2a:d0:f4:a4:d1:de:d4:21:
                    36:67:79:37:2c:bd:ec:51:67:02:08:c2:fd:db:3f:
                    ab:27:b7:e3:1d:91:b7:3d:42:67:6d:90:c1:0b:dc:
                    da:12:fc:7c:7f:e3:16:b5:17:56:b0:dd:22:cf:a7:
                    8e:17:e3:33:bf:6e:a8:b1:63:17:4d:0e:7b:11:91:
                    07:6e:f2:45:a8:b8:ef:63:71:ab:9e:36:d9:74:8a:
                    39:31:3d:58:12:f3:e9:97:b9:9f:34:f2:32:90:b6:
                    f0:f7:7b:2c:d7:24:a0:1a:de:b7:76:e0:e6:93:81:
                    b4:35:ea:51:03:16:95:94:fa:4d:e1:c0:ac:32:66:
                    aa:66:81:77:17:96:cf:02:64:99:f2:0d:04:ef:1c:
                    1a:f6:8c:73:84:40:24:e2:b1:f5:9a:da:ec:2f:37:
                    fa:62:10:1a:6c:87:0e:03:d4:b6:3e:21:ea:f7:71:
                    13:85:bf:8b:93:9f:17:30:d0:6e:f5:bc:f8:46:46:
                    b5:0b:f2:30:78:33:23:1b:a8:f6:35:64:9b:f7:72:
                    e0:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Key Identifier: 
                ED:B5:1F:B1:93:39:09:0F:27:36:73:5E:2A:4C:4B:D9:49:33:51:91
            X509v3 Authority Key Identifier: 
                keyid:5F:3D:7F:93:0C:88:5C:01:C3:94:90:61:15:79:E6:36:2E:E3:51:E7
                DirName:/CN=server.sakai.cf
                serial:4C:34:1C:B6:95:D5:84:08:2D:23:77:A0:9F:8B:E5:1A:EE:86:82:2E

            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage: 
                Digital Signature, Key Encipherment
    Signature Algorithm: sha256WithRSAEncryption
         ad:d8:57:a1:9e:9d:ab:6f:a7:55:b3:11:17:4a:93:3b:1c:7b:
         f7:15:6a:5b:fd:ad:41:9a:fe:20:4e:02:92:d1:3f:c1:8e:32:
         88:6a:c8:c8:f9:0b:69:fd:83:bb:b8:fb:39:b1:18:a8:d7:60:
         16:79:a8:cb:e1:8b:45:8a:a4:25:39:24:06:f6:b8:ba:3b:fc:
         fc:9a:03:91:ea:0f:11:ab:e3:c1:b4:6d:7b:7c:a7:92:e3:cf:
         2e:d5:98:d2:2c:84:bf:de:c7:c4:b8:44:dc:f7:b8:f9:76:2e:
         33:29:d0:10:b4:0a:8e:f6:bc:6c:a5:69:dd:82:94:48:e9:d2:
         ba:6c:81:58:5d:98:e7:6f:37:36:a7:eb:62:c7:ab:cb:e0:d9:
         70:91:13:35:90:bc:12:50:6f:d0:8d:0b:5b:ff:e3:e4:95:79:
         4b:cb:dd:ec:d5:57:57:0b:e8:91:97:cf:d4:a6:f7:d0:62:f0:
         4d:50:73:ba:ff:ad:dd:54:cb:68:db:80:fe:f9:2a:5a:79:5e:
         93:85:aa:b2:f1:23:46:92:67:74:84:6d:32:e9:06:47:45:0d:
         55:c3:06:bf:72:a2:82:32:55:12:ae:22:20:cc:aa:cf:04:98:
         1c:7f:ff:f9:44:54:ca:d4:5e:62:8d:98:e8:6d:78:b1:7a:03:
         ae:8f:35:ce
-----BEGIN CERTIFICATE-----
MIIDZjCCAk6gAwIBAgIQfl1+bTBLKEtAQF8xWA5azDANBgkqhkiG9w0BAQsFADAa
MRgwFgYDVQQDDA9zZXJ2ZXIuc2FrYWkuY2YwHhcNMjIwNDA0MDQyMDU0WhcNMjUw
MzE5MDQyMDU0WjARMQ8wDQYDVQQDDAZzZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDceD0yUEYRvgnLmP52pPeNtkFBCW4zr54StF4+GqtA4rFu
pSm2M1E3W40S5Y3rkgjeFLAq0PSk0d7UITZneTcsvexRZwIIwv3bP6snt+Mdkbc9
QmdtkMEL3NoS/Hx/4xa1F1aw3SLPp44X4zO/bqixYxdNDnsRkQdu8kWouO9jcaue
Ntl0ijkxPVgS8+mXuZ808jKQtvD3eyzXJKAa3rd24OaTgbQ16lEDFpWU+k3hwKwy
ZqpmgXcXls8CZJnyDQTvHBr2jHOEQCTisfWa2uwvN/piEBpshw4D1LY+Ier3cROF
v4uTnxcw0G71vPhGRrUL8jB4MyMbqPY1ZJv3cuAvAgMBAAGjgbAwga0wCQYDVR0T
BAIwADAdBgNVHQ4EFgQU7bUfsZM5CQ8nNnNeKkxL2UkzUZEwVQYDVR0jBE4wTIAU
Xz1/kwyIXAHDlJBhFXnmNi7jUeehHqQcMBoxGDAWBgNVBAMMD3NlcnZlci5zYWth
aS5jZoIUTDQctpXVhAgtI3egn4vlGu6Ggi4wHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMAsGA1UdDwQEAwIFoDANBgkqhkiG9w0BAQsFAAOCAQEArdhXoZ6d
q2+nVbMRF0qTOxx79xVqW/2tQZr+IE4CktE/wY4yiGrIyPkLaf2Du7j7ObEYqNdg
Fnmoy+GLRYqkJTkkBva4ujv8/JoDkeoPEavjwbRte3ynkuPPLtWY0iyEv97HxLhE
3Pe4+XYuMynQELQKjva8bKVp3YKUSOnSumyBWF2Y5283NqfrYsery+DZcJETNZC8
ElBv0I0LW//j5JV5S8vd7NVXVwvokZfP1Kb30GLwTVBzuv+t3VTLaNuA/vkqWnle
k4WqsvEjRpJndIRtMukGR0UNVcMGv3KigjJVEq4iIMyqzwSYHH//+URUytReYo2Y
6G14sXoDro81zg==
-----END CERTIFICATE-----
EOF9

 cat <<'EOF10'> /etc/openvpn/server.key
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDceD0yUEYRvgnL
mP52pPeNtkFBCW4zr54StF4+GqtA4rFupSm2M1E3W40S5Y3rkgjeFLAq0PSk0d7U
ITZneTcsvexRZwIIwv3bP6snt+Mdkbc9QmdtkMEL3NoS/Hx/4xa1F1aw3SLPp44X
4zO/bqixYxdNDnsRkQdu8kWouO9jcaueNtl0ijkxPVgS8+mXuZ808jKQtvD3eyzX
JKAa3rd24OaTgbQ16lEDFpWU+k3hwKwyZqpmgXcXls8CZJnyDQTvHBr2jHOEQCTi
sfWa2uwvN/piEBpshw4D1LY+Ier3cROFv4uTnxcw0G71vPhGRrUL8jB4MyMbqPY1
ZJv3cuAvAgMBAAECggEBAMj1TIrFAul/OHx9i0zoF8HzY819ZBb2t/ZCtDiVpI3z
VFoPcFLkud3ktFWKKm+UYELVxrJwXt6xchQX5fgxVCqTP4n/g6oq2qvzf/YnNnyo
ascK9S24qU4/1ANEY9NKUlNk3589IlL3XpzFe1C99EQkl4OkdGdRs93cNcSSNZqE
vBgRgadBfa9hfSzoUM/mT7/4cVxpUVKzqUY+5R/ArioOHnVuxEJ3SYTP3R4OZ/Cy
AXuTn95CEcefA1lz4lk1vRx5eKXczr5pk3BiuK/H/nOP8mqTujGXFThNTURa0v+u
SdNTjjc3JZcN3+Yj5vCR8aN9bnCueH5YHPsFvrnHQxkCgYEA7r1oNP5awWNMOELg
2ZNi2Mc/+w+dSHbXPFGmOuitMEC2jO4JAH50Aqv1C8FmLvf+0TJheBI+ppc7TIWC
I2IhHb58ZoFS94gDexHmX1CSy4TjC7uh2+TA8Tq4g39qp+EnxMHdaEMqtOWeqwLJ
1/1iK4Ze0PDFk4RaMq+fo7XO1nsCgYEA7GiwDdeIeiCyjv9DhPUZcF8DbLi+cHHG
M6qTNDBspo53R8hBaq7YlZb/7qNFT7LA81JhxfakK9JHbripUC5o84BJsx15RDEr
Y6rO7wbfeuxTdUeUg6qLes6GVEr/7c8G0i4gaoSdluNhsso+OVkrW5AP1xEg4573
q0zzJYV5qN0CgYEAjFfv8Gct9s1muxQllgHcc879v5r4POcPtDfTXoH1fY4tQj+U
LyQnEoL/tH9mkGnc9CGHxswC5G+2vk8lp6NCEHgwLRoNKdJdKXXmVVXKVbWyuuz8
Q4YAHk8EtNisXDAx7qqAe5AwhNMPKTykZ0Je+XMuPemsXAHL/EvdrqFsDA0CgYA6
0tWzrASedtJXOHbhd2csCcg9Xj6slfK+WlwkaUQvsVVGvDJizDzCA/+Mrn2Jli3i
nYYMjxFMghcaGsKuW83rgOlVsyjAagek1hSFb01eNb2SegwfMulf1lGgWcUStCe7
VpTkTDk2GT/vD9mpxWE/eDooxm9Lk/uGWTBLDso11QKBgQCeiBs/oitKX8bJ+dGe
KA0RnkolY8fdCIA8WpsDz+c5x6mLHZfo/RpfvS4Bk4YYyZyTwkwBXAKPVumuaURU
7+MIJss3rEXIvm6NqitFUVPbDhx2wC+Hz9VojtGVoU7io/WuVIOZkwZibYwq1M4j
CFmjViTVqAYAWQRWFyRP2xr2qg==
-----END PRIVATE KEY-----
EOF10

 cat <<'EOF13'> /etc/openvpn/dh2048.pem
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEAzBWsEhJyCpFolSE50xU2KP2tZqfVq/w7yviXOYqt/h+wuia43iky
h852/xQ0IIQCUqlphV6He2Mff4BkIYfdiK+vuybGKGtoZnuADDnHHxnBY/QquF74
XdLDVJuGUC4BGuUJNXT2B3vQ8Jr+nqgydBbukk39wiH+VWuWy1UhtpSrRRy81+HN
x0irDQsOlb8b8QBxvksIxfHXmRxLvSJUwfAEsgaVeWdOfp2h51d14Rh/peBnCnHs
A7YSE8v5DToQAmLeI7hJbNICoTOahrBGnd0+qUuTAKunzsWWgJB8RyUFyj2xEQrH
7KCiGpXxq5rlxK7LSFFQbXRRW/9a9b9SowIBAg==
-----END DH PARAMETERS-----
EOF13



 # Creating a New update message in server.conf
 cat <<'NUovpn' > /etc/openvpn/server.conf
 # New Update are now released, OpenVPN Server
 # are now running both TCP and UDP Protocol. (Both are only running on IPv4)
 # But our native server.conf are now removed and divided
 # Into two different configs base on their Protocols:
 #  * OpenVPN TCP (located at /etc/openvpn/server_tcp.conf
 #  * OpenVPN UDP (located at /etc/openvpn/server_udp.conf
 # 
 # Also other logging files like
 # status logs and server logs
 # are moved into new different file names:
 #  * OpenVPN TCP Server logs (/etc/openvpn/tcp.log)
 #  * OpenVPN UDP Server logs (/etc/openvpn/udp.log)
 #  * OpenVPN TCP Status logs (/etc/openvpn/tcp_stats.log)
 #  * OpenVPN UDP Status logs (/etc/openvpn/udp_stats.log)
 #
 # Server ports are configured base on env vars
 # executed/raised from this script (OpenVPN_TCP_Port/OpenVPN_UDP_Port)
 #
NUovpn

 # setting openvpn server port
 sed -i "s|OVPNTCP|$OpenVPN_TCP_Port|g" /etc/openvpn/server_tcp.conf
 sed -i "s|OVPNUDP|$OpenVPN_UDP_Port|g" /etc/openvpn/server_udp.conf
 sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/openvpn/server_tcp.conf
 sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/openvpn/server_udp.conf
 sed -i "s|Tcp_Monitor_Port|$Tcp_Monitor_Port|g" /etc/openvpn/server_tcp.conf
 sed -i "s|Udp_Monitor_Port|$Udp_Monitor_Port|g" /etc/openvpn/server_udp.conf

 # Getting some OpenVPN plugins for unix authentication
 cd
 wget https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/plugin.tgz
 tar -xzvf /root/plugin.tgz -C /etc/openvpn/
 rm -f plugin.tgz
 
 # Some workaround for OpenVZ machines for "Startup error" openvpn service
 if [[ "$(hostnamectl | grep -i Virtualization | awk '{print $2}' | head -n1)" == 'openvz' ]]; then
 sed -i 's|LimitNPROC|#LimitNPROC|g' /lib/systemd/system/openvpn*
 systemctl daemon-reload
fi

 # Allow IPv4 Forwarding
 sed -i '/net.ipv4.ip_forward.*/d' /etc/sysctl.conf
 sed -i '/net.ipv4.ip_forward.*/d' /etc/sysctl.d/*.conf
 echo 'net.ipv4.ip_forward=1' > /etc/sysctl.d/20-openvpn.conf
 sysctl --system &> /dev/null

 # Iptables Rule for OpenVPN server
 cat <<'EOFipt' > /etc/openvpn/openvpn.bash
#!/bin/bash
PUBLIC_INET="$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1)"
IPCIDR='10.200.0.0/16'
IPCIDR2='10.201.0.0/16'
iptables -I FORWARD -s $IPCIDR -j ACCEPT
iptables -I FORWARD -s $IPCIDR2 -j ACCEPT
iptables -t nat -A POSTROUTING -o $PUBLIC_INET -j MASQUERADE
iptables -t nat -A POSTROUTING -s $IPCIDR -o $PUBLIC_INET -j MASQUERADE
iptables -t nat -A POSTROUTING -s $IPCIDR2 -o $PUBLIC_INET -j MASQUERADE
EOFipt
 chmod +x /etc/openvpn/openvpn.bash
 bash /etc/openvpn/openvpn.bash

 # Enabling IPv4 Forwarding
 echo 1 > /proc/sys/net/ipv4/ip_forward
 
 # Starting OpenVPN server
 systemctl start openvpn@server_tcp
 systemctl enable openvpn@server_tcp
 systemctl start openvpn@server_udp
 systemctl enable openvpn@server_udp

}
function InsProxy(){

 # Removing Duplicate privoxy config
 rm -rf /etc/privoxy/config*
 
 # Creating Privoxy server config using cat eof tricks
 cat <<'privoxy' > /etc/privoxy/config
# My Privoxy Server Config
user-manual /usr/share/doc/privoxy/user-manual
confdir /etc/privoxy
logdir /var/log/privoxy
filterfile default.filter
logfile logfile
listen-address 0.0.0.0:Privoxy_Port1
listen-address 0.0.0.0:Privoxy_Port2
toggle 1
enable-remote-toggle 0
enable-remote-http-toggle 0
enable-edit-actions 0
enforce-blocks 0
buffer-limit 4096
enable-proxy-authentication-forwarding 1
forwarded-connect-retries 1
accept-intercepted-requests 1
allow-cgi-request-crunching 1
split-large-forms 0
keep-alive-timeout 5
tolerate-pipelining 1
socket-timeout 300
permit-access 0.0.0.0/0 IP-ADDRESS
privoxy

 # Setting machine's IP Address inside of our privoxy config(security that only allows this machine to use this proxy server)
 sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/privoxy/config
 
 # Setting privoxy ports
 sed -i "s|Privoxy_Port1|$Privoxy_Port1|g" /etc/privoxy/config
 sed -i "s|Privoxy_Port2|$Privoxy_Port2|g" /etc/privoxy/config

 # Starting Proxy server
echo -e "Restarting Privoxy Proxy server..."
systemctl restart privoxy

 # Removing Duplicate Squid config
 rm -rf /etc/squid/squid.con*
 
 # Creating Squid server config using cat eof tricks
 cat <<'mySquid' > /etc/squid/squid.conf
# My Squid Proxy Server Config
acl VPN dst IP-ADDRESS/32
http_access allow VPN
http_access deny all 
http_port 0.0.0.0:Squid_Port1
http_port 0.0.0.0:Squid_Port2
http_port 0.0.0.0:Squid_Port3
### Allow Headers
request_header_access Allow allow all 
request_header_access Authorization allow all 
request_header_access WWW-Authenticate allow all 
request_header_access Proxy-Authorization allow all 
request_header_access Proxy-Authenticate allow all 
request_header_access Cache-Control allow all 
request_header_access Content-Encoding allow all 
request_header_access Content-Length allow all 
request_header_access Content-Type allow all 
request_header_access Date allow all 
request_header_access Expires allow all 
request_header_access Host allow all 
request_header_access If-Modified-Since allow all 
request_header_access Last-Modified allow all 
request_header_access Location allow all 
request_header_access Pragma allow all 
request_header_access Accept allow all 
request_header_access Accept-Charset allow all 
request_header_access Accept-Encoding allow all 
request_header_access Accept-Language allow all 
request_header_access Content-Language allow all 
request_header_access Mime-Version allow all 
request_header_access Retry-After allow all 
request_header_access Title allow all 
request_header_access Connection allow all 
request_header_access Proxy-Connection allow all 
request_header_access User-Agent allow all 
request_header_access Cookie allow all 
request_header_access All deny all
### HTTP Anonymizer Paranoid
reply_header_access Allow allow all 
reply_header_access Authorization allow all 
reply_header_access WWW-Authenticate allow all 
reply_header_access Proxy-Authorization allow all 
reply_header_access Proxy-Authenticate allow all 
reply_header_access Cache-Control allow all 
reply_header_access Content-Encoding allow all 
reply_header_access Content-Length allow all 
reply_header_access Content-Type allow all 
reply_header_access Date allow all 
reply_header_access Expires allow all 
reply_header_access Host allow all 
reply_header_access If-Modified-Since allow all 
reply_header_access Last-Modified allow all 
reply_header_access Location allow all 
reply_header_access Pragma allow all 
reply_header_access Accept allow all 
reply_header_access Accept-Charset allow all 
reply_header_access Accept-Encoding allow all 
reply_header_access Accept-Language allow all 
reply_header_access Content-Language allow all 
reply_header_access Mime-Version allow all 
reply_header_access Retry-After allow all 
reply_header_access Title allow all 
reply_header_access Connection allow all 
reply_header_access Proxy-Connection allow all 
reply_header_access User-Agent allow all 
reply_header_access Cookie allow all 
reply_header_access All deny all
#sakai
cache_mem 200 MB
maximum_object_size_in_memory 32 KB
maximum_object_size 1024 MB
minimum_object_size 0 KB
cache_swap_low 90
cache_swap_high 95
cache_dir ufs /var/spool/squid 100 16 256
access_log /var/log/squid/access.log squid
### CoreDump
coredump_dir /var/spool/squid
dns_nameservers 1.1.1.1 1.0.0.1
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
visible_hostname irwanmohi
mySquid

 # Setting machine's IP Address inside of our Squid config(security that only allows this machine to use this proxy server)
 sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/squid/squid.conf
 
 # Setting squid ports
 sed -i "s|Squid_Port1|$Squid_Port1|g" /etc/squid/squid.conf
 sed -i "s|Squid_Port2|$Squid_Port2|g" /etc/squid/squid.conf
 sed -i "s|Squid_Port3|$Squid_Port3|g" /etc/squid/squid.conf

 # Starting Proxy server
 echo -e "Restarting Squid Proxy server..."
 systemctl restart squid
}

function FogPanel(){

rm /home/vps/public_html -rf
rm /etc/nginx/sites-* -rf
rm /etc/nginx/nginx.conf -rf
sleep 1
mkdir -p /home/vps/public_html

# Creating nginx config for our webserver
cat <<'myNginxC' > /etc/nginx/nginx.conf

user www-data;

worker_processes 1;
pid /var/run/nginx.pid;

events {
	multi_accept on;
  worker_connections 1024;
}

http {
	gzip on;
	gzip_vary on;
	gzip_comp_level 5;
	gzip_types    text/plain application/x-javascript text/xml text/css;

	autoindex on;
  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout 65;
  types_hash_max_size 2048;
  server_tokens off;
  include /etc/nginx/mime.types;
  default_type application/octet-stream;
  access_log /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;
  client_max_body_size 32M;
	client_header_buffer_size 8m;
	large_client_header_buffers 8 8m;

	fastcgi_buffer_size 8m;
	fastcgi_buffers 8 8m;

	fastcgi_read_timeout 600;


  include /etc/nginx/conf.d/*.conf;
}

myNginxC

# Creating vps config for our OCS Panel
cat <<'myvpsC' > /etc/nginx/conf.d/vps.conf
server {
  listen       Nginx_Port;
  server_name  127.0.0.1 localhost;
  access_log /var/log/nginx/vps-access.log;
  error_log /var/log/nginx/vps-error.log error;
  root   /home/vps/public_html;

  location / {
    index  index.html index.htm index.php;
    try_files $uri $uri/ /index.php?$args;
  }

  location ~ \.php$ {
    include /etc/nginx/fastcgi_params;
    fastcgi_pass  127.0.0.1:Php_Socket;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  }
}

myvpsC

# Creating monitoring config for our OpenVPN Monitoring Panel
cat <<'myMonitoringC' > /etc/nginx/conf.d/monitoring.conf

server {
    listen sakai_Openvpn_Monitoring;
    location / {
        uwsgi_pass unix:///run/uwsgi/app/openvpn-monitor/socket;
        include uwsgi_params;
    }
}

myMonitoringC

#this is the home page of our webserver
wget -O /home/vps/public_html/index.php "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/panel/index.php"


# Setting up our WebServer Ports and IP Addresses
cd
sleep 1

sed -i "s|/run/php/php7.4-fpm.sock|127.0.0.1:$Php_Socket|g" /etc/php/7.4/fpm/pool.d/www.conf
sed -i "s|Php_Socket|$Php_Socket|g" /etc/nginx/conf.d/vps.conf
sed -i "s|Nginx_Port|$Nginx_Port|g" /etc/nginx/conf.d/vps.conf
sed -i "s|sakai_Openvpn_Monitoring|$sakai_Openvpn_Monitoring|g" /etc/nginx/conf.d/monitoring.conf
sed -i "s|sakai_Openvpn_Monitoring|$sakai_Openvpn_Monitoring|g" /home/vps/public_html/index.php
sed -i "s|sakaiserverip|$IPADDR|g" /home/vps/public_html/index.php
sed -i "s|v2portas|65432|g" /home/vps/public_html/index.php

sed -i "s|SSH_Port1|$SSH_Port1|g" /home/vps/public_html/index.php
sed -i "s|SSH_Port2|$SSH_Port2|g" /home/vps/public_html/index.php
sed -i "s|Dropbear_Port1|$Dropbear_Port1|g" /home/vps/public_html/index.php
sed -i "s|Dropbear_Port2|$Dropbear_Port2|g" /home/vps/public_html/index.php
sed -i "s|Stunnel_Port1|$Stunnel_Port1|g" /home/vps/public_html/index.php
sed -i "s|Stunnel_Port2|$Stunnel_Port2|g" /home/vps/public_html/index.php
sed -i "s|Stunnel_Port3|$Stunnel_Port3|g" /home/vps/public_html/index.php
sed -i "s|Privoxy_Port1|$Privoxy_Port1|g" /home/vps/public_html/index.php
sed -i "s|Privoxy_Port2|$Privoxy_Port1|g" /home/vps/public_html/index.php
sed -i "s|Squid_Port1|$Squid_Port1|g" /home/vps/public_html/index.php
sed -i "s|Squid_Port2|$Squid_Port2|g" /home/vps/public_html/index.php
sed -i "s|Squid_Port3|$Squid_Port3|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port1|$OHP_Port1|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port2|$OHP_Port2|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port3|$OHP_Port3|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port4|$OHP_Port4|g" /home/vps/public_html/index.php
sed -i "s|OHP_Port5|$OHP_Port5|g" /home/vps/public_html/index.php
sed -i "s|Simple_Port1|$Simple_Port1|g" /home/vps/public_html/index.php
sed -i "s|Simple_Port2|$Simple_Port2|g" /home/vps/public_html/index.php
sed -i "s|Direct_Port1|$Direct_Port1|g" /home/vps/public_html/index.php
sed -i "s|Direct_Port2|$Direct_Port2|g" /home/vps/public_html/index.php
sed -i "s|Open_Port1|$Open_Port1|g" /home/vps/public_html/index.php
sed -i "s|Open_Port2|$Open_Port2|g" /home/vps/public_html/index.php
sed -i "s|NXPort|$Nginx_Port|g" /home/vps/public_html/index.php

service nginx restart

apt -y install python3-virtualenv geoip-database geoip-database-extra
apt -y install git apache2 libapache2-mod-wsgi python3-geoip2 python3-humanize python3-bottle python3-semantic-version geoip-database geoip-database-extra
apt -y install git gcc nginx uwsgi uwsgi-plugin-python3 virtualenv python3-dev libgeoip-dev geoip-database geoip-database-extra



# Setting Up OpenVPN monitoring
wget -O /srv/openvpn-monitor.zip "https://github.com/korn-sudo/Project-Fog/raw/main/files/panel/openvpn-monitor.zip"
cd /srv
unzip -qq openvpn-monitor.zip
rm -f openvpn-monitor.zip
cd openvpn-monitor
virtualenv -p python3 .
. bin/activate
pip install -r requirements.txt

#updating ports for openvpn monitoring
 sed -i "s|Tcp_Monitor_Port|$Tcp_Monitor_Port|g" /srv/openvpn-monitor/openvpn-monitor.conf
 sed -i "s|Udp_Monitor_Port|$Udp_Monitor_Port|g" /srv/openvpn-monitor/openvpn-monitor.conf


# Creating monitoring .ini for our OpenVPN Monitoring Panel
cat <<'myMonitorINI' > /etc/uwsgi/apps-available/openvpn-monitor.ini
[uwsgi]
base = /srv
project = openvpn-monitor
logto = /var/log/uwsgi/app/%(project).log
plugins = python3
chdir = %(base)/%(project)
virtualenv = %(chdir)
module = openvpn-monitor:application
manage-script-name = true
mount=/openvpn-monitor=openvpn-monitor.py
myMonitorINI

ln -s /etc/uwsgi/apps-available/openvpn-monitor.ini /etc/uwsgi/apps-enabled/

# GeoIP For OpenVPN Monitor
mkdir -p /var/lib/GeoIP
wget -O /var/lib/GeoIP/GeoLite2-City.mmdb.gz "https://github.com/korn-sudo/Project-Fog/raw/main/files/panel/GeoLite2-City.mmdb.gz"
gzip -d /var/lib/GeoIP/GeoLite2-City.mmdb.gz

function ip_address(){
  local IP="$( ip addr | egrep -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | egrep -v "^192\.168|^172\.1[6-9]\.|^172\.2[0-9]\.|^172\.3[0-2]\.|^10\.|^127\.|^255\.|^0\." | head -n 1 )"
  [ -z "${IP}" ] && IP="$( wget -qO- -t1 -T2 ipv4.icanhazip.com )"
  [ -z "${IP}" ] && IP="$( wget -qO- -t1 -T2 ipinfo.io/ip )"
  [ ! -z "${IP}" ] && echo "${IP}" || echo
} 
IPADDR="$(ip_address)"

# Applying cron job 
cd
echo "SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" | crontab -
sleep 1

echo "#OHP Server
@reboot /usr/local/sbin/sakai-ohp-updater-sakai-obs

#Multi-login Limit ON dropbear,ssh,ssl (not included: openvpn)
@reboot /usr/local/sbin/limiter-sakai-obs
@reboot /usr/local/sbin/sakai-limiter-activator-obs

# Python Socks Server
@reboot /usr/local/sbin/sakai-python-updater-sakai-obs

# Timer for Auto-reconnect
@reboot /usr/local/sbin/disable-orasan


" >> /var/spool/cron/crontabs/root

}

###### Chokepoint for Debian and Ubuntu No.2  vvvvvv

function ConfMenu(){
echo -e " Creating Menu scripts.."

cd /usr/local/sbin/
wget -q 'https://github.com/korn-sudo/Project-Fog/raw/main/files/menu/menu-deb-v301.zip'
unzip -qq menu-deb-v301.zip
rm -f menu-deb-v301.zip
chmod +x ./*
dos2unix ./* &> /dev/null
sed -i 's|/etc/squid/squid.conf|/etc/privoxy/config|g' ./*
sed -i 's|http_port|listen-address|g' ./*
cd ~

wget -O /usr/bin/uninstaller-sakai-obs "https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/debian_unins-fog-obs"
chmod +x /usr/bin/uninstaller-sakai-obs

}

function ports_info(){

# For Edit Port dependencies
mkdir -p /etc/project-sakai/service-ports
mkdir -p /etc/project-sakai/v2

echo "$SSH_Port1" > /etc/project-sakai/service-ports/sshp1
echo "$SSH_Port2" > /etc/project-sakai/service-ports/sshp2

echo "$OpenVPN_TCP_Port" > /etc/project-sakai/service-ports/openvpn-tcp
echo "$OpenVPN_UDP_Port" > /etc/project-sakai/service-ports/openvpn-udp

echo "$Squid_Port1" > /etc/project-sakai/service-ports/squid1
echo "$Squid_Port2" > /etc/project-sakai/service-ports/squid2
echo "$Squid_Port3" > /etc/project-sakai/service-ports/squid3

echo "$Privoxy_Port1" > /etc/project-sakai/service-ports/priv1
echo "$Privoxy_Port2" > /etc/project-sakai/service-ports/priv2

echo "$Dropbear_Port1" > /etc/project-sakai/service-ports/dropbear1
echo "$Dropbear_Port2" > /etc/project-sakai/service-ports/dropbear2

echo "$Stunnel_Port2" > /etc/project-sakai/service-ports/stunnel-ssh
echo "$Stunnel_Port1" > /etc/project-sakai/service-ports/stunnel-drop
echo "$Stunnel_Port3" > /etc/project-sakai/service-ports/stunnel-open

echo "65432" > /etc/project-sakai/v2/panel_port

}

function InsV2ray(){

bash <(curl -Ls https://raw.githubusercontent.com/irwan-aidan/v2-ui/main/install.sh)

sleep 1

cat <<'v2about' > /etc/project-sakai/v2/about

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░


                     ░▒▓█ ☁️ Project sakai ☁️ █▓▒░

What is V2Ray?
Multiple inbound/outbound proxies: one V2Ray instance supports in 
parallel multiple inbound and outbound protocols. Each protocol works 
independently.


Current Supported Protocols: 
1. Vmess	5. Dokodemo-door
2. Vless 	6. Socks
3. Trojan	7. HTTP
4. Shadowsocks


How to Use V2Ray?
1. Go to your browser and enter this link: 
  
   http://IP-ADDRESS:65432

2. Login Username: admin
   Login Password: admin  
3. Go to Accounts
4. Tap or click the " + " button. its color blue.
5. Add Account Tab will appear and 
   fill in and choose parameters for your V2Ray.


REMINDERS:
1. Please use port ramdomly given V2Ray Panel.
2. If you want preferred port, make sure it is not
   currently use by other services or else
   your all V2Ray connection will not work.
3. iF you accidentally hit current use port in your V2Ray config,
   A. Go to Panel > Accounts > : and delete all accounts.
   B. Go to your VPS and restart V2ray using Menu.
      or simply reboot your VPS.


Supported Platforms:
1. Windows
2. Andoid Phones
3. iPhones
4. Mac


Notes:
This V2Ray Panel is made by Sprov.
All credits to Sprov.
Check his work at: 
https://github.com/sprov065
https://blog.sprov.xyz/

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░


v2about

sleep 1

sed -i "s|IP-ADDRESS|$IPADDR|g" /etc/project-sakai/v2/about


}


function ScriptMessage(){
clear
echo ""
echo ""
echo ""
echo -e "                            ░▒▓█ ☁️ Project sakai ☁️ █▓▒░" 
echo " "
echo -e "                     This Script is FREE always and forever . . ."
echo -e "                               by: irwanmohi 🦊  "
echo ""
echo ""
echo -e "                                    Credits to:"
echo -e "                                    PHC-Ford [FordSenpai] 🐱"
echo -e "                                    Bon-chan 🦢"
echo -e "                                    lfasmpao 🐯"
echo -e "                                    ADM-Manager 🐬"
echo -e "                                    Sprov 🌤️"
echo -e "                                    WaGo-G 🔥"
echo -e "                                    PHC_JAYVEE ☣️"
echo ""
echo ""
}

function InstBadVPN(){
 # Pull BadVPN Binary 64bit or 32bit
if [ "$(getconf LONG_BIT)" == "64" ]; then
 wget -O /usr/bin/badvpn-udpgw "https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/badvpn-udpgw64"
else
 wget -O /usr/bin/badvpn-udpgw "https://github.com/korn-sudo/Project-Fog/raw/main/files/plugins/badvpn-udpgw"
fi
 # Set BadVPN to Start on Boot via .profile
 sed -i '$ i\screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300' /root/.profile
 # Change Permission to make it Executable
 chmod +x /usr/bin/badvpn-udpgw
 # Start BadVPN via Screen
 screen -AmdS badvpn badvpn-udpgw --listen-addr 127.0.0.1:7300
}

function CheckRequirements(){

###### Chokepoint for Debian and Ubuntu No.3   vvvvvv
 # Not Debian OS will be force exit
 source /etc/os-release
if [[ "$ID" != 'debian' ]]; then
 ScriptMessage
 echo -e "[\e[1;31mError\e[0m] This script is for debian only, exiting..." 
 exit 1
fi

 # Non-rooted machine will be force exit
 # If you're on sudo user, run `sudo su -` first before running this script
 if [[ $EUID -ne 0 ]];then
 ScriptMessage
 echo -e "[\e[1;31mError\e[0m] This script must be run as root, exiting..."
 exit 1
fi

 # (For OpenVPN) Checking it this machine have TUN Module, this is the tunneling interface of OpenVPN server
 if [[ ! -e /dev/net/tun ]]; then
 echo -e "[\e[1;31mError\e[0m] You cant use this script without TUN Module installed/embedded in your machine, file a support ticket to your machine admin about this matter"
 echo -e "[\e[1;31m-\e[0m] Script is now exiting..."
 exit 1
fi
###### Chokepoint for Debian and Ubuntu No.3  ^^^^^
}

function InstOthers(){

  # Running screenfetch
 wget -O /usr/bin/screenfetch "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/plugins/screenfetch"
 chmod +x /usr/bin/screenfetch
 echo "/bin/bash /etc/openvpn/openvpn.bash" >> .profile
 echo "clear" >> .profile
 echo "screenfetch" >> .profile

# Obash
cd
curl -skL "https://github.com/louigi600/obash/archive/8976fd2fa256c583769b979036f59a741730eb48.tar.gz" -o obash.tgz
tar xf obash.tgz && rm -f obash.tgz
sleep 1
cd obash-8976fd2fa256c583769b979036f59a741730eb48
make clean
make
mv -f obash /usr/local/bin/obash
cd .. && rm -rf obash-8976fd2fa256c583769b979036f59a741730eb48
cd

#alias menu
wget -O ./.bashrc "https://raw.githubusercontent.com/korn-sudo/Project-Fog/main/files/plugins/.bashrc"

#banner
cat <<'korn77' > /etc/irwanmohi/banner
<br><font>
<br><font>
<br><font color='green'> <b>    ░▒▓█ ☁️ Sakai VPN ☁️ █▓▒░</b> </br></font>
<br><font>
<br><font color='#32CD32'>: : : ★ Happy Browsing!😊 </br></font>
<br><font color='#32CD32'>: : : ★ This is FREE and Not for Sale! </br></font>
<br><font color='#FDD017'>: : : ★ Project Lead: irwanmohi 🦊</br></font>
<br><font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO ACCOUNT SHARING</br></font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO MULTI-LOGIN</br></font>
<br><font color='#32CD32'>: : : ★ STRICTLY NO TORRENT</br></font>
<br><font>
<br><font color='#FF00FF'>░▒▓█ VIOLATORS WILL BE BAN!!!</br></font>
<br><font>
<br><font>
korn77


#block-by-keyword
mkdir -p /etc/vil 
echo "#!/bin/bash " >> /etc/vil


# Timer Notification in menu section checker
echo " " > /etc/sakai/timer-proxy
echo " " > /etc/sakai/timer-seconds


#Tweak for IPV4 TCP/UDP speed and maximize capability function Status: OFF
cd
mkdir -p /etc/project-sakai/others
echo "#Project sakai TCP Tweak OFF" > /etc/sysctl.conf
echo "off" > /etc/project-sakai/others/tcptweaks

 # Setting server local time
 ln -fs /usr/share/zoneinfo/$MyVPS_Time /etc/localtime

#version of Project sakai autoscript
echo "$ver" > /etc/sakai/version

# Start-up Application Verification (protection for modders)
mkdir -p /usr/lib/kshell
echo "75" > /usr/lib/kshell/libs

}

function Installation-log(){

clear
echo ""
echo " INSTALLATION FINISH! "
echo ""
echo ""
echo "Server Information: " | tee -a log-install.txt | lolcat
echo "   • Timezone       : $MyVPS_Time " tee -a log-install.txt | lolcat
echo "   • Fail2Ban       : [ON]"  | tee -a log-install.txt | lolcat
echo "   • IPtables       : [ON]"  | tee -a log-install.txt | lolcat
echo "   • Auto-Reboot    : [OFF] See menu to [ON] "  | tee -a log-install.txt
echo "   • TCP Speed Tweak: [OFF] See menu to [ON]" | tee -a log-install.txt | lolcat
echo "   • Squid Cache    : [ON]" | tee -a log-install.txt | lolcat
echo "   • IPv6           : [OFF]"  | tee -a log-install.txt  | lolcat

echo " "| tee -a log-install.txt | lolcat
echo "Automated Features:"| tee -a log-install.txt | lolcat
echo "   • Auto delete expired user account"| tee -a log-install.txt | lolcat
echo "   • Auto restart server "| tee -a log-install.txt | lolcat
echo "   • Auto disconnect multilogin users [Openvpn not included]."| tee -a log-install.txt | lolcat
echo "   • Auto configure firewall every reboot[Protection for torrent and etc..]"| tee -a log-install.txt | lolcat
echo "   • Auto updated firewall[if port change,removed or add,firewall will adapt your new port]"| tee -a log-install.txt | lolcat
echo "   • Auto updated OHP[Over-HTTP-Puncher]working even theres changes in ports"| tee -a log-install.txt | lolcat

echo " " | tee -a log-install.txt | lolcat
echo "Services & Port Information:" | tee -a log-install.txt | lolcat
echo "   • OpenVPN              : [ON] : TCP: $OpenVPN_TCP_Port | UDP: $OpenVPN_UDP_Port" | tee -a log-install.txt | lolcat
echo "   • Dropbear             : [ON] : $Dropbear_Port1 | $Dropbear_Port2 " | tee -a log-install.txt | lolcat
echo "   • Squid Proxy          : [ON] : $Squid_Port1 | $Squid_Port2 |$Squid_Port3 | limit to IP Server" | tee -a log-install.txt | lolcat
echo "   • Privoxy              : [ON] : $Privoxy_Port1 | $Privoxy_Port2 | limit to IP Server" | tee -a log-install.txt | lolcat
echo "   • SSL through Dropbear : [ON] : $Stunnel_Port1  " | tee -a log-install.txt | lolcat
echo "   • SSL through OpenSSH  : [ON] : $Stunnel_Port2" | tee -a log-install.txt | lolcat
echo "   • SSL through Openvpn  : [ON] : $Stunnel_Port3 " | tee -a log-install.txt | lolcat
echo "   • OHP [through Squid]  : [ON] : $OHP_Port1 | $OHP_Port2 " | tee -a log-install.txt | lolcat
echo "   • OHP [through Privoxy]: [ON] : $OHP_Port3 | $OHP_Port4 " | tee -a log-install.txt | lolcat
echo "   • OHP [through Openvpn]: [ON] : $OHP_Port5 " | tee -a log-install.txt | lolcat
echo "   • Simple Socks Proxy   : [ON] : $Simple_Port1 | $Simple_Port2 " | tee -a log-install.txt | lolcat
echo "   • Direct Socks Proxy   : [ON] : $Direct_Port1 | $Direct_Port2 " | tee -a log-install.txt | lolcat
echo "   • Openvpn Socks Proxy  : [ON] : $Open_Port1   | $Open_Port2 " | tee -a log-install.txt | lolcat
echo "   • ShadowsocksR Server  : [OFF] : Configure through menu " | tee -a log-install.txt | lolcat
echo "   • BADVPN               : [ON] : 7300 " | tee -a log-install.txt | lolcat
echo "   • Additional SSHD Port : [ON] :  $SSH_Port2" | tee -a log-install.txt | lolcat
echo "   • OCS Panel 		: [ON] : http://$IPADDR:$Nginx_Port" | tee -a log-install.txt | lolcat
echo "   • Openvpn Monitoring   : [ON] : http://$IPADDR:$sakai_Openvpn_Monitoring" | tee -a log-install.txt | lolcat
echo "   • V2ray Panel          : [ON] : http://$IPADDR:65432 " | tee -a log-install.txt | lolcat

echo "" | tee -a log-install.txt | lolcat
echo "Notes:" | tee -a log-install.txt | lolcat
echo "  ★ Edit/Change/Off/On your OHP Port and Python Socks [see in menu option] " | tee -a log-install.txt | lolcat
echo "  ★ Torrent Protection [ add newest torrent port] " | tee -a log-install.txt | lolcat
echo "  ★ Port Scanner Basic Protection  " | tee -a log-install.txt | lolcat
echo "  ★ Brute Force Attack Basic Protection  " | tee -a log-install.txt | lolcat
echo "  ★ All ports can be edited in Edit Menu. OHP and Socks Proxy adapt new port. " | tee -a log-install.txt | lolcat
echo "  ★ Multi-login Limit customize per user [see menu]. " | tee -a log-install.txt | lolcat
echo "  ★ To display list of commands: " [ menu ] or [ menu sakai ] "" | tee -a log-install.txt | lolcat
echo "" | tee -a log-install.txt | lolcat
echo "  ★ Other concern and questions of these auto-scripts?" | tee -a log-install.txt | lolcat
echo "    Direct Messege : www.facebook.com/sakaiips" | tee -a log-install.txt | lolcat
echo ""
read -p " Press enter.."
}


function Complete-reboot(){
clear
echo ""
echo ""
figlet Project sakai -c | lolcat
echo ""
echo "       Installation Complete! System need to reboot to apply all changes! "
read -p "                      Press Enter to reboot..."
reboot
}


#########################################################
###             Installation Begins...
#########################################################

# Filtering Machine did not meet Requirements
echo "Checking if your Server meet the requirements . . . "
CheckRequirements

ScriptMessage
sleep 2

#System Upgrade and Updates
echo " Installing Operating System Updates"
InstUpdates

# Configure OpenSSH and Dropbear
echo " Configuring ssh..."
InstSSH

# Configure Stunnel
echo " Configuring stunnel..."
InsStunnel

# Configure BadVPN UDPGW
echo " Configuring BadVPN UDPGW..."
InstBadVPN

# Configure Webmin
echo " Configuring webmin..."
InstWebmin

# Configure Squid and Privoxy
echo " Configuring proxy..."
InsProxy

# Configure Over-HTTP-Puncher
echo " Configuring Over-HTTP-Puncher..."
InsOHP

# Configure Python Socks Proxy
echo " Configuring Python Socks Proxy..."
InsPython

# Configure Shadowsocks R
echo " Configuring Shadowsocks R..."
InsShodowSocks

# Configure OpenVPN
echo " Configuring OpenVPN..."
InsOpenVPN

# Configuring Nginx OVPN config download site
echo " Configuring OpenVPN Config File and Panel Services..."
sakaiPanel

# Some assistance and startup scripts
echo " Configuring Startup Application Automation..."
ConfStartup

# VPS Menu script v1.0
echo " Configuring Main Dish Menu..."
ConfMenu

# Saving all Ports Information
echo " Saving all Ports Information..."
ports_info

# Configure OpenVPN
echo " Configuring V2Ray..."
InsV2ray

# Others Services ( Screenfetch, Setting Local, TCP Tweak )
echo " Adding other services..."
InstOthers

#Server Information and Details
echo "READ ME!"
Installation-log

#Final Touch (Reboot Remark)
Complete-reboot

 clear
 cd ~
 
exit 1
